Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/na.elf
|
/tmp/na.elf
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/usr/lib/udisks2/udisksd
|
-
|
||
|
/usr/sbin/dumpe2fs
|
dumpe2fs -h /dev/dm-0
|
||
|
/usr/lib/udisks2/udisksd
|
-
|
||
|
/usr/sbin/dumpe2fs
|
dumpe2fs -h /dev/dm-0
|
||
|
/usr/lib/udisks2/udisksd
|
-
|
||
|
/usr/sbin/dumpe2fs
|
dumpe2fs -h /dev/dm-0
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/snapd/snap-failure
|
/usr/lib/snapd/snap-failure snapd
|
||
|
/usr/lib/snapd/snap-failure
|
-
|
||
|
/usr/bin/systemctl
|
systemctl stop snapd.socket
|
||
|
/usr/lib/snapd/snap-failure
|
-
|
There are 4 hidden processes, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
enemybotnet.com
|
93.123.39.105
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
93.123.39.105
|
enemybotnet.com
|
Bulgaria
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fa4384ae000
|
page read and write
|
|||
|
55cb2ec2c000
|
page read and write
|
|||
|
55cb2ec2c000
|
page read and write
|
|||
|
7fa437d9c000
|
page read and write
|
|||
|
55cb30c34000
|
page execute and read and write
|
|||
|
7fa437d9c000
|
page read and write
|
|||
|
55cb30c34000
|
page execute and read and write
|
|||
|
55cb2ec36000
|
page read and write
|
|||
|
7fa43817d000
|
page read and write
|
|||
|
7fa43817d000
|
page read and write
|
|||
|
7fa437aec000
|
page read and write
|
|||
|
7fa3b0414000
|
page execute read
|
|||
|
7fa4387c0000
|
page read and write
|
|||
|
7ffe142d8000
|
page execute read
|
|||
|
7fa4387c0000
|
page read and write
|
|||
|
7fa438805000
|
page read and write
|
|||
|
7fa3b0455000
|
page read and write
|
|||
|
7ffe142cf000
|
page read and write
|
|||
|
7fa430000000
|
page read and write
|
|||
|
55cb30c4b000
|
page read and write
|
|||
|
7fa3b0458000
|
page read and write
|
|||
|
7fa3b0455000
|
page read and write
|
|||
|
7fa43813d000
|
page read and write
|
|||
|
55cb30c4b000
|
page read and write
|
|||
|
7fa43868f000
|
page read and write
|
|||
|
7ffe142d8000
|
page execute read
|
|||
|
7fa438160000
|
page read and write
|
|||
|
7fa430000000
|
page read and write
|
|||
|
55cb2ec36000
|
page read and write
|
|||
|
7fa4387b8000
|
page read and write
|
|||
|
7fa3b0458000
|
page read and write
|
|||
|
7ffe142cf000
|
page read and write
|
|||
|
7fa4372d6000
|
page read and write
|
|||
|
7fa4372d6000
|
page read and write
|
|||
|
55cb2e9a4000
|
page execute read
|
|||
|
55cb30ff9000
|
page read and write
|
|||
|
7fa3b0414000
|
page execute read
|
|||
|
7fa437aec000
|
page read and write
|
|||
|
7fa437ade000
|
page read and write
|
|||
|
7fa430021000
|
page read and write
|
|||
|
7fa43868f000
|
page read and write
|
|||
|
7fa4387b8000
|
page read and write
|
|||
|
55cb30ff9000
|
page read and write
|
|||
|
7fa43813d000
|
page read and write
|
|||
|
7fa438160000
|
page read and write
|
|||
|
55cb2e9a4000
|
page execute read
|
|||
|
7fa438805000
|
page read and write
|
|||
|
7fa430021000
|
page read and write
|
|||
|
7fa437ade000
|
page read and write
|
|||
|
7fa4384ae000
|
page read and write
|
There are 40 hidden memdumps, click here to show them.